Educause Security Discussion mailing list archives
Re: RuffaloCODY Fundraising Management question
From: "Plesco, Todd" <tplesco () CHAPMAN EDU>
Date: Wed, 17 Sep 2014 22:05:52 +0000
Hi Walter, I'm curious what responses/intelligence you may have collected. We are examining the contract currently and I'm also coming up with questions of liability and responsibility. Any assistance would be greatly appreciated. Best, Todd A. Plesco CISM, CBCP Chapman University, Director of Information Security Phone: (714) 997-6726/Fax: (714) 744-7041 From: The EDUCAUSE Security Constituent Group Listserv [mailto:SECURITY () LISTSERV EDUCAUSE EDU] On Behalf Of Walter Petruska Sent: Friday, June 21, 2013 1:46 PM To: SECURITY () LISTSERV EDUCAUSE EDU Subject: Re: [SECURITY] RuffaloCODY Fundraising Management question Thanks, Jon. I've received many replies which lead me to believe that we've had near-universal experiences leaving us wishing for a better standard services agreement from RuffaloCODY. We're on negotiated version 3, which (surprise surprise) finally nails down language over who is responsible for what- and what the delineation is between PCI scopes between RC and USF. As a way of asking what you ended up with- do you have a picture/drawing or verbal description over what components, systems and people are in PCI scope to which party? On Thu, Jun 20, 2013 at 1:39 PM, Allen, Jon D. <Jon_Allen () baylor edu<mailto:Jon_Allen () baylor edu>> wrote: We went through a long process on this one. I am happy to talk. Thanks, _________________________________ Jon Allen, CISSP, EnCE Assistant Vice President & Chief Information Security Officer 254.710.4793<tel:254.710.4793><tel:254.710.4793<tel:254.710.4793>> [Description: Description: bearawarefinal] www.baylor.edu/bearaware<http://www.baylor.edu/bearaware><http://www.baylor.edu/bearaware> On Jun 20, 2013, at 11:20 AM, "Coffman, Tobiah" <tcoffman () BSU EDU<mailto:tcoffman () BSU EDU><mailto:tcoffman () BSU EDU<mailto:tcoffman () BSU EDU>>> wrote: Walter, We have RuffaloCODY on our campus. I have somewhat limited knowledge of the setup, but I can answer what I know and try to get answers for anything else. -Tobey Coffman, CISSP Director of Information Security Ball State University From: The EDUCAUSE Security Constituent Group Listserv [mailto:SECURITY () LISTSERV EDUCAUSE EDU<mailto:SECURITY () LISTSERV EDUCAUSE EDU>] On Behalf Of Walter Petruska Sent: Wednesday, June 19, 2013 3:07 PM To: SECURITY () LISTSERV EDUCAUSE EDU<mailto:SECURITY () LISTSERV EDUCAUSE EDU><mailto:SECURITY () LISTSERV EDUCAUSE EDU<mailto:SECURITY () LISTSERV EDUCAUSE EDU>> Subject: [SECURITY] RuffaloCODY Fundraising Management question Could any of you who have RuffaloCODY as a service provider, operating ON your campus (and therefore within your facilities/on your network, etc.) please contact me directly (off-list) for a brief discussion. The topic is past performance, and specifically, PCI-compliance and where to draw the contract and technology and organizational lines to maintain compliance of each party (RuffaloCODY & your institution) Thanks much- -- Walter Petruska CISSP, CISA, CGEIT Information Security Officer infosec.usfca.edu<http://infosec.usfca.edu><http://infosec.usfca.edu> [http://www.usfca.edu/images/usflogo_tag_180.png] University of San Francisco Lone Mountain North - 2nd Floor 2130 Fulton Street San Francisco, CA 94117 ITS Help Desk, Phone: 415-422-6668<tel:415-422-6668> -- Walter Petruska CISSP, CISA, CGEIT Information Security Officer infosec.usfca.edu<http://infosec.usfca.edu> [http://www.usfca.edu/images/usflogo_tag_180.png] University of San Francisco Lone Mountain North - 2nd Floor 2130 Fulton Street San Francisco, CA 94117 ITS Help Desk, Phone: 415-422-6668
Current thread:
- Re: RuffaloCODY Fundraising Management question Plesco, Todd (Sep 17)
- Re: RuffaloCODY Fundraising Management question Walter Petruska (Sep 18)